Hello SamSpade,
I can see from your recent posts, that you have some concerns about the safety of your PC during boot/login.
I will of course test this for you, but could you tell me what O.S. you are using, as I would also like to point out a number of possible ways to protect yourself. (do realise that a lot of firewalls will not protect you during boot, this is mainly down to the need for DHCP (so your PC can get an IP),... some will give an option to block or allow traffic during boot, but actual packet/port filtering during boot is only available by a few firewalls.

Hello SamSpade,
I can see from your recent posts, that you have some concerns about the safety of your PC during boot/login.
I will of course test this for you, but could you tell me what O.S. you are using, as I would also like to point out a number of possible ways to protect yourself. (do realise that a lot of firewalls will not protect you during boot, this is mainly down to the need for DHCP (so your PC can get an IP),... some will give an option to block or allow traffic during boot, but actual packet/port filtering during boot is only available by a few firewalls.

Click to expand...

Thanks, Stem. I'm using XP sp2, all updates. And for the record, I use NOD32, SpySweeper (real-time anti-vir turned off), and am trialing AVG anti-malware (used to be Ewido) currently running in real-time with no apparent conflicts with anything else.

Hello SamSpade,
I can see from your recent posts, that you have some concerns about the safety of your PC during boot/login.
I will of course test this for you, but could you tell me what O.S. you are usi)ng, as I would also like to point out a number of possible ways to protect yourself. (do realise that a lot of firewalls will not protect you during boot, this is mainly down to the need for DHCP (so your PC can get an IP,... some will give an option to block or allow traffic during boot, but actual packet/port filtering during boot is only available by a few firewalls.

Click to expand...

You've got my concern down right, Stem.

Btw, do you have a list of firewalls that *do* give the option of blocking traffic during boot/shut-down? I know SunKerio 4.3 does (but, good Lord, what a RAM hog).

Hi SamSpade,
I have installed NTwrapper for Jetico. There is a period of about 5 seconds while booting to login screen that the PC is unprotected, but there after jetico is running and filtering (while waiting to login). During shutdown, the PC is unprotected (on this setup).

SamSpade said:

Btw, do you have a list of firewalls that *do* give the option of blocking traffic during boot/shut-down?

Hi SamSpade,
I have installed NTwrapper for Jetico. There is a period of about 5 seconds while booting to login screen that the PC is unprotected, but there after jetico is running and filtering (while waiting to login). During shutdown, the PC is unprotected (on this setup).

I dont have a list.

Click to expand...

Thanks for your effots, Stem.

So, even with NTWrapper running Jetico as a service there is still a period when the line into the computer is unprotected??

Any suggestions on how to close down that vulnerability, short of disconnecting the line?

Just to clarify: that post suggests that exists a time interval of 20 seconds between logoff and the restart of Jetico. Have you considered this quirk?

Off topic: I am using PeerGuardian(IP blacklisting). Outpost offers the chance to import the lists. Is there a way to do this in Jetico? If so, what´s the impact on firewall performance and resource usage?
Thanks again

Yes, the cable
Unplug it when shutting down, plug it only when you log in

Click to expand...

Sure, that's one option. What I am looking for is an ironclad way to maintain security (packet filtering or some other method) while the machine *is* connected during boot-up/shut-down.

I know some firewalls give you the option: Sunbelt Kerio 4.3 does, and I believe Zone Alarm's got a service (possibly even a driver) that stays on from the time the computer starts to boot and until the machine shuts off.

I'm looking for firewalls or other options that can keep the computer shielded. It's been said that Jetico running as a service is better than running as an app, but there is still some few seconds that it remains vulnerable. I'm trying to close that vulnerability without unplugging cables or turning off the wifi connection.

Why don't you just disable all the unencessary services so that all of your ports are closed when you don't have a firewall? That way, nothing can happen to your computer since no services can be exploited. Use tcpview from sysinternals to determine what is listening on what port, then search around the web for solutions to close that particular port.

I do know that SKPF has an option to prevent all packets when shutdown and reboot occurs, but it doesn't do any real filtering, just blocks the packets, which isn't needed if nothing can be exploited anyways

SamSpade: I understood you. I was just trying to lighten things up. It's not the end of the world for the firewall not to load ASAP. I know it's always better to have the Firewall load right away, but until then the cable won't fail . If it can be improved though, it should be improved.

Why don't you just disable all the unencessary services so that all of your ports are closed when you don't have a firewall? That way, nothing can happen to your computer since no services can be exploited. Use tcpview from sysinternals to determine what is listening on what port, then search around the web for solutions to close that particular port.

Cheers,

Alphalutra1

Click to expand...

Thanks, Alpha, I'll give that a look.

Is it only services that I need to check? How about drivers, or are they finally working through services they activate in order to do what they do?

SamSpade: I understood you. I was just trying to lighten things up. It's not the end of the world for the firewall not to load ASAP. I know it's always better to have the Firewall load right away, but until then the cable won't fail . If it can be improved though, it should be improved.

Its a case of disabling un-needed windows services, so that ports are not left open. From my own setup, all ports are closed during boot/close down.

Click to expand...

Could you post the list of services you have disabled (for port protection). Also, how long you have been doing this without problems, and also what problems may have occurred after disabling those services??